Discovered by our researchers while inspecting new malware submissions to VirusTotal, Scorp is a piece of malicious software classified as ransomware. After analyzing this program, we found that it is part of the VoidCrypt ransomware family. On our testing system, Scorp encrypted files and append
Neptun Tab is a rogue browser extension, which our research team discovered while analyzing fake Google Chrome updates. This piece of software is endorsed as a tool capable of allowing users to customize their browsers' homepage and new tab appearance - including such widgets as weather, time, rem
Vsbnw is a piece of malicious software categorized as ransomware, which our researchers found while inspecting new malware submissions on VirusTotal. Once launched onto our test machine, this ransomware began encrypting files and appending their filenames with a random character string and the ".
MultiDetail is a rogue application that our research team discovered while inspecting new submissions to VirusTotal. After analyzing this piece of software, we determined that it is an adware belonging to the AdLoad malware family. Whether adware delivers intrusive advertisement campaign
"Your Account Needs Attention!" is a spam email that we have received and subsequently analyzed. We determined that it is a phishing scam. The letter claims that unless the recipient updates their email account - it will be deactivated in a matter of hours. This spam mail aims to trick the recipi
Our team has discovered this technical support scam page while examining websites that use rogue advertising networks and have deceptive ads on them. We learned that the purpose of this page is to scare visitors into calling the provided number (into contacting scammers for fake technical support)
Our researchers discovered the Ask Ali browser extension while inspecting deceptive download webpages. This extension promises easy access to "one of the most prominent online shopping services". The extension's name and the imagery used in its official webpage imply that the e-commerce platform i
We have analyzed the websiteshove[.]com page and found that it uses a clickbait technique to trick visitors into granting it permission to show untrustworthy notifications and redirects to other websites. Our team has discovered websiteshove[.]com while visiting pages that use rogue advertising ne
On February 23rd, another wave of geopolitically-motivated attacks was observed in Ukraine. This campaign employs HermeticWiper (also known as FoxBlade) - a piece of malicious software designed to wipe (delete) data and render devices using the Windows Operating System (OS) - inoperable. Attacks
Our team has discovered the Jjtt ransomware while checking malware samples submitted to VirusTotal. It was found that Jjtt is part of the Djvu ransomware family. Jjtt encrypts files, appends the ".jjtt" extension to filenames, and creates the "_readme.txt" file. The "_readme.txt" file is a ransom